<?php
/**
 * check_chat.php
 *
 * INPUT: 	$_REQUEST['user1']
 * 			$_REQUEST['user2']
 * OUTPUT: 	an XML file with chat messages.
 * 
 * By Laurens Van Keer
 */
 
header('Content-Type: text/xml');
echo '<?xml version="1.0" encoding="UTF-8" standalone="no" ?>' . PHP_EOL;
 
// CONNECT TO DB
require('../config.php');
$conn = mysql_connect($dbhost, $dbuser, $dbpass) or die ('<Error>Error connecting to mysql!</Error>');
mysql_select_db($dbname);
// DONE CONNECTING

if ( empty($_REQUEST['user1']) ) {
	die('<Error>No user specified!</Error>' . PHP_EOL . '</Users>');
} else {

	// get usernames
	$user1 = mysql_real_escape_string(htmlentities($_REQUEST['user1']));
	$user2 = mysql_real_escape_string(htmlentities($_REQUEST['user2']));
	
	// send query
	$query = "SELECT * FROM geo_chat WHERE (fromUser='$user1' AND toUser='$user2') OR (fromUser='$user2' AND toUser='$user1') ORDER BY time DESC";
	if ( $result = mysql_query($query) ) {
	
		// parse results
		echo '<Chat>' . PHP_EOL;
		while($row = mysql_fetch_assoc($result)) {
			echo '<Message>' . PHP_EOL;
				echo '<User>' . htmlentities($row['fromUser']) . '</User>' . PHP_EOL;
				echo '<Time>' . htmlentities(date('j F Y - H:i', (int)$row['time'])) . '</Time>' . PHP_EOL;
				echo '<Text>' . htmlentities($row['message']) . '</Text>' . PHP_EOL;
			echo '</Message>' . PHP_EOL;
		}
		echo '</Chat>' . PHP_EOL;
		
	} else {
	
		die ('<Error>' + mysql_error() + ' - Query: ' + $query + '</Error>');
	
	}
	
}
?>